class UsersController < ApplicationController
  # GET /users
  # GET /users.json
  def index

    if !admin?
      flash.now.alert = "Please, log as admin"
      respond_to do |format|
        format.html { render "home/index"}
      end
    return
    end

    @users = User.all

    respond_to do |format|
      format.html # index.html.erb
      format.json { render :json => @users }
    end
  end

  # GET /users/1
  # GET /users/1.json
  def show

    if current_user.id.to_s == params[:id].to_s || admin?

      @user = User.find(params[:id])
      @user_collections = Collection.joins(:user_collections).where('user_id = ?', params[:id])
      @user_collection_ratings = CollectionRating.find_all_by_user_id(@user)
      @user_book_ratings = CollectionRating.find_all_by_user_id(@user)

      respond_to do |format|
        format.html # show.html.erb
        format.json { render :json => @user }
      end

    else
      flash.now.alert = "Please, log as admin to manage user accounts"
      respond_to do |format|
        format.html { render "home/index"}
      end
    return
    end

  end

  # GET /users/new
  # GET /users/new.json
  def new
    @user = User.new

    respond_to do |format|
      format.html # new.html.erb
      format.json { render :json => @user }
    end
  end

  # GET /users/1/edit
  def edit

    if current_user.id.to_s == params[:id].to_s || admin?
      @user = User.find(params[:id])
    else
      flash.now.alert = "Please, log as admin to manage user accounts"
      respond_to do |format|
        format.html { render "home/index"}
      end
    return
    end
  end

  # POST /users
  # POST /users.json
  def create

    @user = User.new(params[:user])
    @user.password=params[:user][:password]
    if current_user && current_user.admin?
      @user.admin = params[:admin]
    else
    @user.admin = false
    end

    respond_to do |format|
      if @user.save
        session[:user_id] = @user.id unless current_user
        format.html { redirect_to @user, :notice => 'User was successfully created.' }
        format.json { render :json => @user, :status => :created, :location => @user }
      else
        format.html { render :action => "new" }
        format.json { render :json => @user.errors, :status => :unprocessable_entity }
      end
    end
  end

  # PUT /users/1
  # PUT /users/1.json
  def update

    if params[:id].to_s == current_user.id.to_s || admin?

      @user = User.find(params[:id])
      if current_user && current_user.admin?
        @user.admin = params[:admin]
      else
        @user.admin = false
      end

      respond_to do |format|
        if @user.update_attributes(params[:user])
          format.html { redirect_to @user, :notice => 'User was successfully updated.' }
          format.json { head :no_content }
        else
          format.html { render :action => "edit" }
          format.json { render :json => @user.errors, :status => :unprocessable_entity }
        end
      end

    else
      flash.now.alert = "Please, log as admin to manage user accounts"
      respond_to do |format|
        format.html { render "home/index"}
      end
    return
    end

  end

  # DELETE /users/1
  # DELETE /users/1.json
  def destroy

    if params[:id].to_s == current_user.id.to_s || admin?
      @user = User.find(params[:id])
      @user.destroy
      destroy_user_session
      respond_to do |format|
        format.html { redirect_to users_url }
        format.json { head :no_content }
      end

    else
      flash.now.alert = "Please, log as admin to manage user accounts"
      respond_to do |format|
        format.html { render "home/index"}
      end
    return
    end

  end

  def manage

    if admin?
      respond_to do |format|
        format.html { render "manage" }
      end
    else
      flash.now.alert = "Please, log as admin to manage user accounts"
      respond_to do |format|
        format.html { render "home/index"}
      end
    return
    end

  end

end
